* [PATCH v3] mmc: host: sdhci-msm: Add support for wrapped keys
From: Neeraj Soni @ 2025-12-29 7:05 UTC
To: adrian.hunter, ulf.hansson, ebiggers, abel.vesa
Cc: linux-mmc, linux-arm-msm, linux-kernel, neeraj.soni, Wenjia Zhang
Add the wrapped key support for sdhci-msm by implementing the needed
methods in struct blk_crypto_ll_ops and setting the appropriate flag in
blk_crypto_profile::key_types_supported.

Tested on SC7280 eMMC variant.

How to test:

Use the "wip-wrapped-keys-2024-12-09" tag from https://github.com/ebiggers/fscryptctl
and build fscryptctl that supports generating wrapped keys.

Enable the following config options:
CONFIG_BLK_INLINE_ENCRYPTION=y
CONFIG_QCOM_INLINE_CRYPTO_ENGINE=y
CONFIG_FS_ENCRYPTION_INLINE_CRYPT=y
CONFIG_MMC_CRYPTO=y

Enable "qcom_ice.use_wrapped_keys" via kernel command line.

$ mkfs.ext4 -F -O encrypt,stable_inodes /dev/disk/by-partlabel/vm-data
$ mount /dev/disk/by-partlabel/vm-data -o inlinecrypt /mnt
$ fscryptctl generate_hw_wrapped_key /dev/disk/by-partlabel/vm-data > /mnt/key.longterm
$ fscryptctl prepare_hw_wrapped_key /dev/disk/by-partlabel/vm-data < /mnt/key.longterm > /tmp/key.ephemeral
$ KEYID=$(fscryptctl add_key --hw-wrapped-key < /tmp/key.ephemeral /mnt)
$ rm -rf /mnt/dir
$ mkdir /mnt/dir
$ fscryptctl set_policy --iv-ino-lblk-32 "$KEYID" /mnt/dir
$ dmesg > /mnt/dir/test.txt
$ sync

Reboot the board

$ mount /dev/disk/by-partlabel/vm-data -o inlinecrypt /mnt
$ ls /mnt/dir # File should be encrypted
$ fscryptctl prepare_hw_wrapped_key /dev/disk/by-partlabel/vm-data < /mnt/key.longterm > /tmp/key.ephemeral
$ KEYID=$(fscryptctl add_key --hw-wrapped-key < /tmp/key.ephemeral /mnt)
$ fscryptctl set_policy --iv-ino-lblk-32 "$KEYID" /mnt/dir
$ cat /mnt/dir/test.txt # File should now be decrypted

Tested-by: Wenjia Zhang <wenjia.zhang@oss.qualcomm.com>
Signed-off-by: Neeraj Soni <neeraj.soni@oss.qualcomm.com>
---
This is a reworked version of the patchset
https://lore.kernel.org/all/20241101031539.13285-1-quic_spuppala@quicinc.com/
that was sent by Seshu Madhavi Puppala.
My changes rebase it to use the custom crypto profile support.
Changes in v3:
- Updated commit message with test details and moved "Signed-off-by" above the
scissors line.
Changes in v2:
- Updated commit message for clarity.
Changes in v1:
- Added initial support for wrapped keys.
---
drivers/mmc/host/sdhci-msm.c | 51 +++++++++++++++++++++++++++++++-----
1 file changed, 45 insertions(+), 6 deletions(-)
diff --git a/drivers/mmc/host/sdhci-msm.c b/drivers/mmc/host/sdhci-msm.c
index 4e5edbf2fc9b..351f2a77068b 100644
--- a/drivers/mmc/host/sdhci-msm.c
+++ b/drivers/mmc/host/sdhci-msm.c
@@ -1911,11 +1911,6 @@ static int sdhci_msm_ice_init(struct sdhci_msm_host *msm_host,
if (IS_ERR_OR_NULL(ice))
return PTR_ERR_OR_ZERO(ice);
- if (qcom_ice_get_supported_key_type(ice) != BLK_CRYPTO_KEY_TYPE_RAW) {
- dev_warn(dev, "Wrapped keys not supported. Disabling inline encryption support.\n");
- return 0;
- }
-
msm_host->ice = ice;
/* Initialize the blk_crypto_profile */
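Review bot: With the "!= BLK_CRYPTO_KEY_TYPE_RAW" check and its early "return 0" removed from sdhci_msm_ice_init(), a board booted with qcom_ice.use_wrapped_keys goes from inline encryption being disabled with a warning to inline encryption being enabled, and the commit message does not call that out. Please state this behaviour change in the commit message, and confirm that nothing later in this function still assumes raw keys.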
@@ -1929,7 +1924,7 @@ static int sdhci_msm_ice_init(struct sdhci_msm_host *msm_host,
profile->ll_ops = sdhci_msm_crypto_ops;
profile->max_dun_bytes_supported = 4;
- profile->key_types_supported = BLK_CRYPTO_KEY_TYPE_RAW;
+ profile->key_types_supported = qcom_ice_get_supported_key_type(ice);
profile->dev = dev;
/*
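Review bot: profile->key_types_supported is now whatever qcom_ice_get_supported_key_type(ice) returns, so the key type this host advertises is decided outside this driver and the assignment carries no comment saying so. A one-line comment above it, noting that the ICE driver selects raw or wrapped keys (the commit message ties this to qcom_ice.use_wrapped_keys), would save the reader a trip into the ICE driver.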
@@ -2009,9 +2004,53 @@ static int sdhci_msm_ice_keyslot_evict(struct blk_crypto_profile *profile,
return qcom_ice_evict_key(msm_host->ice, slot);
}
+static int sdhci_msm_ice_derive_sw_secret(struct blk_crypto_profile *profile,
+ const u8 *eph_key, size_t eph_key_size,
+ u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE])
+{
+ struct sdhci_msm_host *msm_host =
+ sdhci_msm_host_from_crypto_profile(profile);
+
+ return qcom_ice_derive_sw_secret(msm_host->ice, eph_key, eph_key_size,
+ sw_secret);
+}
+
+static int sdhci_msm_ice_import_key(struct blk_crypto_profile *profile,
+ const u8 *raw_key, size_t raw_key_size,
+ u8 lt_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE])
+{
+ struct sdhci_msm_host *msm_host =
+ sdhci_msm_host_from_crypto_profile(profile);
+
+ return qcom_ice_import_key(msm_host->ice, raw_key, raw_key_size, lt_key);
+}
+
+static int sdhci_msm_ice_generate_key(struct blk_crypto_profile *profile,
+ u8 lt_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE])
+{
+ struct sdhci_msm_host *msm_host =
+ sdhci_msm_host_from_crypto_profile(profile);
+
+ return qcom_ice_generate_key(msm_host->ice, lt_key);
+}
+
+static int sdhci_msm_ice_prepare_key(struct blk_crypto_profile *profile,
+ const u8 *lt_key, size_t lt_key_size,
+ u8 eph_key[BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE])
+{
+ struct sdhci_msm_host *msm_host =
+ sdhci_msm_host_from_crypto_profile(profile);
+
+ return qcom_ice_prepare_key(msm_host->ice, lt_key, lt_key_size, eph_key);
+}
+
static const struct blk_crypto_ll_ops sdhci_msm_crypto_ops = {
.keyslot_program = sdhci_msm_ice_keyslot_program,
.keyslot_evict = sdhci_msm_ice_keyslot_evict,
+ .derive_sw_secret = sdhci_msm_ice_derive_sw_secret,
+ .import_key = sdhci_msm_ice_import_key,
+ .generate_key = sdhci_msm_ice_generate_key,
+ .prepare_key = sdhci_msm_ice_prepare_key,
};
#else /* CONFIG_MMC_CRYPTO */
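Review bot: The new callbacks forward eph_key_size, raw_key_size and lt_key_size to the qcom_ice_* helpers unchanged, and nothing in this file bounds them against BLK_CRYPTO_MAX_HW_WRAPPED_KEY_SIZE, the declared size of the lt_key and eph_key output buffers. If the length checks live in the blk-crypto core or in the qcom_ice helpers, say so in a short comment above sdhci_msm_ice_derive_sw_secret(); otherwise add the check here before the key material is handed on.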
--
2.34.1
* Re: [PATCH v3] mmc: host: sdhci-msm: Add support for wrapped keys
From: Konrad Dybcio @ 2025-12-29 13:18 UTC
To: Neeraj Soni, adrian.hunter, ulf.hansson, ebiggers, abel.vesa
Cc: linux-mmc, linux-arm-msm, linux-kernel, Wenjia Zhang
On 12/29/25 8:05 AM, Neeraj Soni wrote:
> Add the wrapped key support for sdhci-msm by implementing the needed
> methods in struct blk_crypto_ll_ops and setting the appropriate flag in
> blk_crypto_profile::key_types_supported.
>
> Tested on SC7280 eMMC variant.
[...]
> +static int sdhci_msm_ice_derive_sw_secret(struct blk_crypto_profile *profile,
> + const u8 *eph_key, size_t eph_key_size,
> + u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE])
These should be aligned, please touch that up
> +{
> + struct sdhci_msm_host *msm_host =
> + sdhci_msm_host_from_crypto_profile(profile);
Please feel free to unwrap this line (and its copies)
> +
> + return qcom_ice_derive_sw_secret(msm_host->ice, eph_key, eph_key_size,
> + sw_secret);
And this one too
Logic-wise, I don't see anything obviously wrong
Konrad
* Re: [PATCH v3] mmc: host: sdhci-msm: Add support for wrapped keys
From: Eric Biggers @ 2025-12-29 22:25 UTC
To: Neeraj Soni
Cc: adrian.hunter, ulf.hansson, abel.vesa, linux-mmc, linux-arm-msm,
linux-kernel, Wenjia Zhang
On Mon, Dec 29, 2025 at 12:35:07PM +0530, Neeraj Soni wrote:
> Add the wrapped key support for sdhci-msm by implementing the needed
> methods in struct blk_crypto_ll_ops and setting the appropriate flag in
> blk_crypto_profile::key_types_supported.
>
> Tested on SC7280 eMMC variant.
>
> How to test:
>
> Use the "wip-wrapped-keys-2024-12-09" tag from https://github.com/ebiggers/fscryptctl
> and build fscryptctl that supports generating wrapped keys.
Use the official release of fscryptctl from
https://github.com/google/fscryptctl instead. v1.3.0 has wrapped key
support.
Note that the tag you linked to was for an older version of the wrapped
key patches that wasn't compatible with the upstreamed version. So it
isn't plausible that it still works. I'll assume you actually tested a
different version and then just listed the wrong tag in your commit
message. To avoid confusion, I've deleted that old tag.
> Tested-by: Wenjia Zhang <wenjia.zhang@oss.qualcomm.com>
> Signed-off-by: Neeraj Soni <neeraj.soni@oss.qualcomm.com>
Otherwise this patch looks good.
Reviewed-by: Eric Biggers <ebiggers@kernel.org>
- Eric
* Re: [PATCH v3] mmc: host: sdhci-msm: Add support for wrapped keys
From: Neeraj Soni @ 2025-12-30 6:02 UTC
To: Konrad Dybcio, adrian.hunter, ulf.hansson, ebiggers, abel.vesa
Cc: linux-mmc, linux-arm-msm, linux-kernel, Wenjia Zhang
Hi,
On 12/29/2025 6:48 PM, Konrad Dybcio wrote:
> On 12/29/25 8:05 AM, Neeraj Soni wrote:
>> Add the wrapped key support for sdhci-msm by implementing the needed
>> methods in struct blk_crypto_ll_ops and setting the appropriate flag in
>> blk_crypto_profile::key_types_supported.
>>
>> Tested on SC7280 eMMC variant.
>
> [...]
>
>> +static int sdhci_msm_ice_derive_sw_secret(struct blk_crypto_profile *profile,
>> + const u8 *eph_key, size_t eph_key_size,
>> + u8 sw_secret[BLK_CRYPTO_SW_SECRET_SIZE])
>
> These should be aligned, please touch that up
Thanks for pointing that out. Will fix it in the next patch.
>
>> +{
>> + struct sdhci_msm_host *msm_host =
>> + sdhci_msm_host_from_crypto_profile(profile);
>
> Please feel free to unwrap this line (and its copies)
Sure.
>> +
>> + return qcom_ice_derive_sw_secret(msm_host->ice, eph_key, eph_key_size,
>> + sw_secret);
>
> And this one too
Okay, will fix this too in the next patch.
>
> Logic-wise, I don't see anything obviously wrong
>
> Konrad
>
Regards
Neeraj
* Re: [PATCH v3] mmc: host: sdhci-msm: Add support for wrapped keys
From: Neeraj Soni @ 2025-12-30 6:06 UTC
To: Eric Biggers
Cc: adrian.hunter, ulf.hansson, abel.vesa, linux-mmc, linux-arm-msm,
linux-kernel, Wenjia Zhang
Hi
On 12/30/2025 3:55 AM, Eric Biggers wrote:
> On Mon, Dec 29, 2025 at 12:35:07PM +0530, Neeraj Soni wrote:
>> Add the wrapped key support for sdhci-msm by implementing the needed
>> methods in struct blk_crypto_ll_ops and setting the appropriate flag in
>> blk_crypto_profile::key_types_supported.
>>
>> Tested on SC7280 eMMC variant.
>>
>> How to test:
>>
>> Use the "wip-wrapped-keys-2024-12-09" tag from https://github.com/ebiggers/fscryptctl
>> and build fscryptctl that supports generating wrapped keys.
>
> Use the official release of fscryptctl from
> https://github.com/google/fscryptctl instead. v1.3.0 has wrapped key
> support.
>
> Note that the tag you linked to was for an older version of the wrapped
> key patches that wasn't compatible with the upstreamed version. So it
> isn't plausible that it still works. I'll assume you actually tested a
> different version and then just listed the wrong tag in your commit
> message. To avoid confusion, I've deleted that old tag.
Okay. I will test this patch using the fscryptctl you pointed to and update the message accordingly in the next patch.
>
>> Tested-by: Wenjia Zhang <wenjia.zhang@oss.qualcomm.com>
>> Signed-off-by: Neeraj Soni <neeraj.soni@oss.qualcomm.com>
>
> Otherwise this patch looks good.
Thanks.
>
> Reviewed-by: Eric Biggers <ebiggers@kernel.org>
>
> - Eric
>
Regards
Neeraj